The shared responsibility model is the cloud security rule that divides duties between the cloud provider and the customer. The provider protects the underlying infrastructure, such as data centers, hypervisors, and managed platform services. The customer is responsible for how services are configured, who can access them, what data they store, and how workloads are secured.
This matters because many cloud breaches are caused by customer-side mistakes rather than provider failures. An exposed database, open management port, weak identity controls, or permissive network rules can give attackers a direct path into cloud workloads. In defense, teams use this model to assign ownership, harden configurations, review access policies, and monitor exposed services. In practice, it means “managed by the cloud” does not mean “secure by default.”



